Zero-knowledge proof and scalability

Recorded: April 25, 2023 Duration: 0:54:48

Player

Snippets

Hello, please wait a minute. We're still waiting for the speakers growing in the space.
Hi guys, greeting from Austin. Adam, please accept the request, accept the invitation to be the speaker. And then may I keep the floor to edge? Hello, everyone.
Alright, it looks like we're just about ready to get this underway. It's my microphone, okay? Uh, um, um, it looks like we, uh,
Was that a yes? Sorry.
Okay, great. All right, so I think we're going to get underway. This episode of NEOs Twitter Spaces will send to Ron zero knowledge proofs as something of a silver bullet for resolving several barriers to adoption that blockchain technology has encountered so far. They make it possible to
prove the validity of information without revealing any sensitive data in the process. And itself, that's not actually all that novel, but what's novel is that it's now done in a way that can be applied practically. Today, we'll talk about how zero-knowledge tools can be used to provide scalability, privacy, and just
generally broadened the applicability blockchain. My name is Brett, I'm probably better known as Edge, and Neil was kind enough to invite me to co-host this space. The main event today is a panel discussion where we'll join by several guests from projects that are adopting zero-knowledge technology in their own ways.
to give you a brief background for myself. I'm an Anchezo G who wears many hats in the New Eka system. Primarily I serve as one of the editors of the industry today responsible for our technical and more developer-facing coverage. And I also act as project leader for Gasborne, which is our Web 3 on Bawning tool.
Now I'll have guests give a short introduction about themselves and the projects they are working on. I'm going to have to pick on someone so I think it's going to be Uray which you tell us a little bit about yourself and artably.
We are a decentralized network that actually providing a row up as a server. So basically what we do is that you can fire up a application specific or general purpose row up dedicated for your application.
and then we can manage the infront and everything for you. So for upside basically you can just fire your own Zika Rob chain so then we take care of everything else. Yeah that's basically it. Going back to you.
Sure, thanks Rick. I actually introduced Ray, but I don't think R3 is here right now or I'll triple E rather. But thank you for the intro on Opside. Should we move on to Doug, who is the Chief Scientist of Mystical,
is a project that holds privacy as the most important issue to solve. Can you tell us a little bit more Doug? Hi guys, thank you for inviting us. Our project Mystical is a prime example of the multi-channel prime
and it's like the user can send a request from a sender to the receiver which may be a single channel or a cross-transaction. But we can do it in a privacy preserving way in which that no one can recover the transaction link. So it's a CIFS
similar to the ZCache, but we support matchbox and also we support cross-scientious sections. And for myself, I'm a job scientist of the mystical and myself is also a researcher on the topic around cryptography, including CK or NPC. Yeah.
Great, thanks for that Doug. I'll go back to Ray now. Could you tell us a little bit about yourself and artically?
Sure, so thanks Neil, thanks Ed for having me here in this panel and hi everyone, this is Ray Gong and you can call me Ray for short. I'm now a PhD student in Hong Kong Polytechnic University and my research is about
apply cryptography and now I'm focusing on zero-knowledge proofs, blockchain, and multi-party computation. I'm also a co-founder of the Artrepo-E community in New, which stands for real-time Oracle. So this project aims to bring
real-time and low latency data to new launching ecosystem with reduced phase and besides in the long long long long we plan to launch a series of other like exciting properties like authentication
Did we lose you that, right?
Yeah, sounds like we did. All right, no worries. Let's move on to Adam from ZK meta is the CEO and they are a layer two focusing on game develops from Polyglon. Yeah, thanks, age. Thanks for the new having this.
And yeah, Haruand, this is Adam. So I'm the CEO of ZikiMeta as H introduced is a game-specific layer to build on polygon and actually
The semi-atenance that I have with the other projects is called the era 7, which is a trading card game built on Binance chain. Like in the launch name last year and we
We basically, one of the top DU trading card game on BinanceShin. To solve our problem, how is the high transaction fees, all the stuff. We are trying to adopt Ziki zero knowledge and
also using the Rolab type technologies and also together like we are partnership with the op-sides to trying to fund in the proper solutions for the game by scenario. Thanks.
Cool, thanks for that Adam.
I think we can move on to.
Is that only me? I didn't hear anything.
Sorry, the Internet is a very useful thing to start in another tune. We will be back soon.
sure no problem, let's switch.
That's always weird, does he? Yes, his back.
Yes, yes. How good? Do we blame my long on this? No, we can definitely blame Elon over this. All right, I think we can move on to the panel discussion. I see that Ray is also having some technical issues.
but I think we can wait for her to join us as we go. So let's jump into our first question, which my Freight is not going to be an easy one, which is what is a zero-knowledge proof and how our blockchains making use of them, which one of our panelists wants to kick us off.
I think I can take that. So to us, right, I think everyone should have some kind of touch to the ZKP as we said, the zero knowledge proof in
when we interact with the blockchain. So it basically is basically a crypto graphic and concept or one party could prove to the other party for a certain statement is true without revealing other information.
So this is a little bit like not really self explanatory because like how could you do that right? So we can we can take an example like I think a famous example online that you guys when you're reading some kind of materials, you usually find that there is
like a well is Wally, kind of example. So let me explain that example. So that is a big paintings of a marketplace. And then in that marketplace, in a painting, there is a lot of people, right? And then you have to prove to your friends that that you know where Wally is, right? And then what you're going to do is
You're going to take another big, really, really big paper and then cover it up. Then you actually put a haul in that white paper and then you just show where the wall is without revealing actual paintings. That's kind of like the really exact simple examples of
providing zero knowledge, zero knowledge proof to your friends telling your friend that you actually know where the wallet is but without revealing any information about the paintings right because your friend does not know in the left corner or right corner or where the wallet is but then you actually prove your assignment that you
no wallets. That's really a single example of zero knowledge proof. And then how does that work in blockchain technology? I mean privacy is the main concern in blockchain technology. One good thing is, you know, everything is verifiable on chain because
know everything is on chain. But the other thing is sometimes I don't want to have the transactions on chain. How can we do that? And then with zero knowledge proof, we can actually do that by as we said by certifying something without you know, providing
the whole picture. So that way we can hide some kind of transactions. So for example, transactions, you don't want to show your wallet addresses that's actually possibility by using a zero-nudge proof. One of the example will be like I think one of our
speaker just said that their application is not able to cross-chain transfer and then without actually have the whole transaction data on chain. So that's actually one and the other one, like maybe some of you have used like CK box, I think some similar applications.
You can just transfer stable coins in a without telling where you're from, things like that. So that's a real basic applications using the K-Cave proof blockchain. I think if you guys have anything to add,
Oh hi, this is Doug from Mystical. Yeah, I think, let's speak is very important in about the K, which means you can prove something without revealing the sensitive information. And I also think to make it work on blockchain technology.
Another property is like, so for modern construction of the AK, such as the AK Snarks or GOR16, I non-interactive, which means the only node can verify the proof and subsequently validate the blockchain without communication, result for over. And this decentralization and
transparency is crucial for maintaining the integrity of the whole block chain. Because the original design of the AK, say from 20 or 30 years ago, is not a non-intactive one, but until the modern construction, we have a practical non-intactive, which makes it really works on the block chain. Yeah.
I just think of one of the very interesting examples to echo your comments. Because the technology is not new. It's like 30, 40 years ago.
Another metaphor is more like if you want to prove to your friends that you have the passcode of your safe in your house. So the one interactive way is let your friends stand
stand away like ten meters and you just enter the passcode without letting him know and you open a sieve. In that way you prove you have the access to like you can open a sieve but without the review of the passcode. But this is
the way of like how you showing friends like interactively. So that's like a prick-hack, but because on blockchain we want the people who are proving and who actually the prover actually are not
I will see in line with the people who are providing the transactions. So that's why we need a crypto way to do it non-interactively. Yeah, so that's just not enough.
Thank you for your insights guys. Raid you have anything to add to that?
Yes, so thanks, but sorry for my internet is not very reliable. One thing that I want to mention, but I do not know whether they have mentioned it or not, is the succinct.
we already talked about the Kisnark, which stands for like zero knowledge, succinct, non-interactive, argument of knowledge, right? So I've heard that they've talked about non-interactive and another important property is succinct. What does succinct
So the setting is like a prover has a public statement which this statement will be possessed by the verify and the prover also possess a private statement.
release, we call release. So how to prove that this private release satisfies this statement without revealing the actual release? So the our idea is to generate a proof and send this proof to the verify. But on our
way to prove that is to we can actually just send the Venus directly to the verifier and the verifier can like, uh, uh, uh, uh, rerun the process and to verify that weather this statement is true or not.
So if I give a really simple example, we can think of like, okay, so say here I'm a prover and like at you are the verifier and I show you a graph with vertices and I want to prove to you
that the vertices in this graph can be labeled by like three different colors say red, blue and green. In a way such that any two adjacent vertices cannot be labeled by the same color. So this is really a really famous problem called
three coloring problem and it's actually empty complete. So in this problem the statement will be like this specific graph can be labeled by three different colors and the witness is how and label each vertices with a specific color.
So the naive way is that I can just send you the label of each vertices. So you can just verify that whether each two adjacent vertices are labeled by the same color or not.
synced here is really important as I will send a proof to you so that you can verify the proof and the proof here is much more smaller than the winnets itself so that so firstly I run or to review the winnets and secondly the
verification will be very fast and if we do the verification on chain so the gas fee is will be reduced by just the sending the winners is so yeah that's my like additional like comment for this problem
Thanks for that, Ray. That was a good addition actually. We've rounded out the ZK snark really well there. And I think the succinctness, the succinct property is something that is actually critical for blockchain and that if proofs
could not be verified quickly and if they were these huge cumbersome things, we would never be able to generate any kind of scalability enhancements. So it would be kind of an exercise in futility trying to put them on chain, but obviously with the six-inckness it's.
that problem is taken away and we can do some pretty crazy things with scalability. So let's take that and move on to our next question, which is what are the benefits of using zero knowledge proofs in blockchain application development?
Okay, um, yeah, but I'm over because all the rest of speakers they are really deep into the I will say technology is I probably Using our like because our project is more using ZKP just just using the benefits
and trying to fund the application scenarios. So right now basically I think the core policy, the functionalities, we see the ZKP is very good, is basically you can do all the transactions and related
calculations of chain and then you prove, since the proofs back to the layer 1 to verify it, that's you actually calculated the transactions honestly. So, and then, as mentioned by Ray's, like
the whole process because they have also the the succeed way, which means like you actually transfer or in a way compose the data into a very short amount like statements that actually
represents a lot of multiple transactions of change. So in that case, you basically, you can compose a lot of transactions in one goal. Yeah, 12 hours back to end users or to the developers using the technology, the basic
the results is you save a lot of gas. You are not only just composing a lot of transactions and you just send in one go, but you actually save a lot of energy when you do the process. So, for example, there
During our game development, we deployed a lot of small contracts related to a loot box, but because it's a trading card game, we put a hundred cards in one loot box, and then we'll like, interact with the small contracts, and you can open the
box and then you can get there is the timer but you can get 10 cards in one go which means one interaction actually at the back end you have like 10 transactions but without using the KPP or the key role ups we
we basically like sending to transactions. It's just like save the interaction time of users, but you didn't save any transaction gas. So in our case, they pay a little bit less gas, but that's still obviously to 80% of the
guess they should pay. But if you actually put this interaction using the key lobs, you can do 10% of the original guess. So that's one of the examples we can countries. That's all. Any other add-ons?
Oh, yes, I... sorry. So you first? Okay, okay. Thank you. So, yeah, so in our opinion, so Zika itself is a well-studied topic in photography. It's first proposed, like, I think, almost 40 years ago,
And other things we are talking about today, this is a proof of security and reliable of the system as a formal proof, including the JK. Okay, so term JK is not a naive term, you can formally prove that a protocol is JK. So then apply to blockchain, I think JK can effectively or try to
is the issue. For example, we can prove an ownership of some coins without revealing the particular coins you are owned. So this is a case in our project. And also think about everything on blockchain,
So there has been extensive research on the lake of privacy within the blockchain ecosystem. So the decay can place a crucial role in solving these products, evolving transparency while ensuring user privacy. I think that is the benefit of using the decay in blockchain.
on our project upside. So we are more focusing towards scalability. So I think because I think as the I guess speaker actually talk about the
Fast how fast we can verify the data using ZKP so our scalability become like one of the one of the possibilities to do using ZKP so on our project outside we actually
focusing a lot on that. So before you cannot even, you know, verify the transaction staff asked, then now nowadays, what we are doing here is we can enable you to actually have a private ZKP chain.
for yourself and then you can have all the computational powers there. And then we are also enhancing the process of the transactions and then you own the all compute powers. So I think scalability is one of the
things that ZKP provides is because how fast that protocol allows us to verify the transactions. So I think scalability is another one that actually the key benefit of the ZKP blockchain.
Yes, I also don't agree with Ray can other like speakers in my opinion. There are like two main benefits for using the K in blockchain. The one is skill ability and the other one is privacy. So although
ME in the area of cryptography, which can be sent as a security issue, but I would say that the key benefit of using ZK is the increased throughput. That is the scalability. Because I think it is a fundamental requirement.
for a system that can be actually used to replace our nowadays payment systems like Visa. So as there is, we all know that there is like blockchain dilemma, like there are three properties, decentralization, security, scalability,
and the blockchain can only achieve two of them. So I think most of the blockchain projects choose to achieve decentralization and security at first. So it is important for us to find another like suitable approach to achieve skill abilities so that it can
be really used in our daily lives. So for the scalability, we usually use the approach code like using zero knowledge. We call it like the SDK row app, like layer 2 scaling solution.
So, I think we've talked about the basic idea. Like to row up a bundle of transactions into batches and execute them of chain, the operator just summits a summary of changes for representing all the transactions in this batch and with other
So the proof that demonstrates that the proposed changes are correct. So this is for the skill ability issue. And according to the skill abilities, according to the zero knowledge that we apply, there are more benefits like
some reduced fees and faster transactions fees. So as I have said before, the proof is succinct. So the verification, it saves the fee that is required to store and verify the transactions on-chain.
So this is the way that the skill ability hold here. And for another benefit is privacy. So the proof itself will not reveal the secret witness. And besides it can prove like our
process of some some coins without proposing our real identity in here. So this is another issue, but I think that the key point is first pay, skill ability, and secondly is privacy. I would say, yeah.
Thanks everyone for sharing your inputs on that. I think we covered a lot of good stuff. I think scalability is the one we've talked about the most here and naturally it's anything
you can do on block chain is going to be better if you can make it more scalable because you can reach more people, you can lower the latency. That's obviously going to be important for Adam with a game-focused layer 2.
But let's go a little bit more into the privacy. What is actually a ZK Snark doing to impart privacy to transactions and what are the benefits of this? Maybe Doug can kick us off on that point.
Since our project is working on the privacy, so maybe I can start this topic. So our project mystical, as I mentioned before, is an example of multi-chain privacy. So in a typical scenario, a standard initials, a transaction by selling coins to a
receiver, which can be a single change in section or a cross-chance section. Oquins have a so-called shadow ownership, which means the ownership is not valuable to the public, but can be approved. And Oquins are organized into a more-court tree, a more-court
So the receiver can prove the ownership of the quence and also the existence of the quence in the market tray using the Ronaldo proof or solution use
uses Goa 16, which is a typical example of the case scenario. As a very low-est on-chain cost among all the ZK protocols for now, because at first the process is really small and the replication is also
a constant set. So no matter how large the statement you want to prove, the goal 16 always has the same set of proof. Okay, so to make the whole thing more accessible, we also designed a device SDK for the user to develop our protocol on their own
blockchains and also as for now we are available on eth and bnb midnight so and also we are dropping OGFT to early adapter we will come everyone to try our solution and follow our discord and twitter call to get more detailed information
Okay, Adam, did you have something to add here?
Yeah, actually, I think there was a lot of this speaker from Ziki me, but they are not here because we are trying to cooperate them because we found they actually have a really good one with the privacy.
The thing is, for example, if the guy using KYC or the biometric way to identify a person is a person, and then all the rest of the data like multiple ones,
or like a data associate with that account, actually they can just authorize two different apps. For example, if like in our system, if they want to go into the game,
And I want to know if this guy actually is a real person because if they are real person and they also they was Record of interaction ways multiple GameCly projects. I may be record
I can add this guy as a higher level or higher priority of users so I can give them just a log some rights straight away so they can go straight into the ranking battle or something. So in that way we actually don't really know exactly but
but in that way, it proves through a third party. In that way, we are also really open to connect with more third party who do the identity
proof or authentication in that way we don't really need to know like a very every details. We want to know like to what level this guy is a real guy or to which level is available users and that's all.
Then we can, for much like, I will say customize our user journey or user flow. I think that will be providing much more easy for us to operation. Thank you. Back to H.
Thanks for those insights Adam. Yeah, I definitely agree that Authorization is a really interesting space here like imagine a world where you could walk into a bar and prove that you're over 18 without needing to share your ID with someone that may not have your best interest in mind ZK is definitely the thing here that's gonna
facilitate these sorts of solutions. Rick, did you have anything to chime in on this topic of privacy? Yeah, so definitely. I'm actually having in touch with one of the projects that actually does the try to do try to combine alcohol
industry into Web3. So they are actually doing some kind of the authentication and identity management with ZGAP. So then actually just echo what you are just saying, like you don't have to prove your, you don't actually have to show your ages.
but just have to use the CKP knowledge to prove that you actually allowed to drink. So that's kind of one of the applications. I think the other one is something that for developer mostly is that you can actually provide like protections to your
small contract data. So some data that means to be sensitive, you know that all the contract is online right so that basically people can verify the data. But some data we meant to be like sensitive, then we, the KPI also provide some kind of protection.
there providing protections on data in a small contract. I think that's the other aspect that the ZKP provides as the enhancement to the blockchain.
I'm back to you.
Thanks Ray and Ray, anything to add on privacy?
Yes, thanks, Dad. So basically, as a renoual proof can be used to help guarantee confidentiality and anonymity, I would say. So for example, like the transactions on-chain right now, you'll reveal the link
the linkability of the sender's address, the receiver's address, the input value, the output value, and so on. So this or this information is or public on the mentioned. So although this address is maybe like pseudo-radm, it can
can still be associated with some real-world identities by analyzing many on-chain data together. So, the Rinalil proof can actually protect this kind of information and achieve, like anonymous peer-to-peer
So for example, if a user wants to send a shielded transaction to the chain for privacy consideration, so how can others verify that this transaction is valid? But without
the detailed data inside this transaction. So one possible approach is to use zero knowledge proof. So for example, it should prove that the input values should sum to the output values in this transaction if we are talking
about UTXO model. So here, the input values should sum up to the output values and you should have the authority of spending this UTXO, right? So using the Aronolid proof, we should transfer this logic, this full logic that
will be verified on-chain into a proof so that verifying this proof is equally to examine this full logic. So in this way, ZK can help us to guarantee privacy but without sacrificing a security. Yeah, that's my point.
Cool, thanks for your input, Ray. I think we should probably move on to discussing some of the different use cases that each of you are pursuing in your own projects for zero knowledge.
I think maybe since we're on the topic of privacy, we'll start with Mr. Co, who could maybe tell us a little bit about their snark implementations across different L1s, their ideas for cross-chain operations and how they're
managing to remain auditable, which is a complete mystery to me. Oh, okay. So, and if you are familiar with the cache or solution is similar to the cache because the cache is as
So we use a similar way in fact, we allowed user to prove the ownership of some coins in a shadowed pool. Since the pool is

FAQ on Zero-knowledge proof and scalability | Twitter Space Recording

What is the focus of this Neos Twitter Spaces episode?
This Neos Twitter Spaces episode focuses on zero knowledge proofs and their potential to resolve adoption barriers of blockchain technology.
What do zero knowledge proofs make possible?
Zero knowledge proofs make it possible to prove the validity of information without revealing any sensitive data in the process.
What is novel about the way zero knowledge proofs are being applied?
What is novel about zero knowledge proofs is that they are now being applied in a way that can be practically used.
Who is Edge and what is his role in the new eka system?
Edge is an Anchezo G who serves as one of the editors of the industry today responsible for their technical and more developer-facing coverage. Additionally, he acts as project leader for Gasborne, a web 3 on bawning tool in the new eka system.
What is OpSide and what do they do?
OpSide is a decentralized network that provides a rollup as a server. They manage the infrastructure and everything for users to fire up their own general-purpose or application-specific rollup chain.
What is Mystical and what issue does it aim to solve?
Mystical is a project that aims to solve privacy issues in multi-channel communications. They provide a privacy-preserving way for users to send requests from a sender to a receiver, which may be a single channel or a cross-transaction.
What is ZK Meta and what do they do?
ZK Meta is a game-specific layer two built on Polygon that aims to solve high transaction fees by using zero knowledge and Rollup type technologies in partnership with OpSide.
What is a zero-knowledge proof?
A zero-knowledge proof is a cryptographic concept in which one party can prove to another party that a certain statement is true without revealing other information.
What is an example of zero-knowledge proof?
One example of a zero-knowledge proof is the "Where's Waldo?" example, in which a person can prove to their friend that they know where Waldo is in a picture without revealing the picture itself.
How can zero-knowledge proofs be used in blockchain technology?
Zero-knowledge proofs can be used in blockchain technology to provide privacy by certifying something without providing the whole picture, which can hide sensitive transaction data such as wallet addresses. This can be applied in various scenarios, such as cross-chain transfers or stablecoin transfers without revealing the sender's information.